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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S. C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)13 Responsive to communication(s) filed on 06 November 2007 . 
2a)D This action is FINAL. 2b)M This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

, closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 1-25 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1-25 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

1 2) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)D All b)Q Some * c)Q None of: 

!.□ Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 

3-D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . This correspondence is in response to amendment file on November 06, 2007. 

2. Claims 1, 5, 14 and 19-25 are amended; Claims 2-4, 7-13 and 15-18 are original. 

3. Claims 1-25 are pending. 

Response to Arguments 

4. Applicant's arguments, see REMARKS, filed on 1 1/06/2007, with respect to the rejection(s) of 
claim(s) 1-25 under 35 U.S.C. 101 for failing to have a concrete and tangible result have been fully 
considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further 
consideration, Applicant's arguments with respect to the rejection(s) of claims 1-25 under 35 U.S.C. 101 
and 35 U.S.C. 103(a) are moot in view of the new ground(s) of rejection. 

Claim Objections 

5. Claim 1 1 is objected to because of the following informalities: the conjunction "; and" placed at 
the end of the Claim should be deleted. 



Claim Rejections - 35 USC § 101 

6. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claim 19 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non- 
statutory subject matter. Claim 19 is directed to a computer-readable medium for carrying one or more 
sequence of instructions. The Examiner respectfully asserts that the claimed subject matter does not fall 
with the statutory class listed in 35 U.S.C. 101. The disclosure of the invention recites transmission 
media , such as: acoustic or light waves, data signals, carrier wave, electromagnetic or optical signals and 
digital data streams (see paragraphs [0030] to [0032] in the specification). A transmission media does not 
fall within one of the four statutory classes of 101. Therefore, Claim 19 and the respective dependent 
Claims 20-25 are rejected as being directed to non-statutory subject matter. 
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Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
"Baker" (US 5,428,349) in view of "Hoover (US 6,209,102 B1). 



As per Claim 1, Baker teaches, 

A computer-implemented method for secure password entry (see Fig.2-4; and abstract), 
comprising: displaying a password prompt comprising a changing stream of random characters (see 8 in 
Fig.2 & 3; where a stream of random characters is displayed), wherein a particular character within said 
changing stream of random characters is displayed at a visibly detectable higher frequency (see Steps 22 
& 23 in Fig. 4; where array of alpha-numeric characters are displayed in a visibly detectable frequency). 

Baker fails to teach explicitly receiving input to increment or decrement said particular character 
to reach a password character of a password. 

However, in the same filed of endeavor, Hoover teaches receiving input to increment or 
decrement said particular character to reach a password character of a password (see Fig. 1 & 2; and for 
example, col. 2, line 36-63). 

It would have been of obvious to a person having ordinary skill in the art at the time of Applicant's 
invention to combine the teachings of Hoover and Baker because both inventions are directed to method 
of password entry system. One having ordinary skill in the art would be motivated to incorporate the input 
increment and decrement feature of Hoover into the password entry method of Baker in order to prevent 
an attacker from downloading keystrokes or character positions when an authorized user enters 
password to gain an access to a secured system (see of Background Hoover). 
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As per Claim 10, Baker teaches, 

A system for secure password entry (see abstract), comprising: a data processing system for 
controlling a display interface (see Fig.1-3 and 5-6); said data processing system further comprising: 
means for displaying a password prompt (see I/O DEVICE in Fig. 1-3 and I/O DEVICE 41 and 47 inFig.5- 
6) comprising a changing stream of random characters within said display interface (see changing 
random characters displayed in 8 of Fig. 2-3), wherein a particular character within said changing stream 
of random characters is displayed at a visibly detectable higher frequency (see Fig. 4; where array of 
alpha-numeric characters are displayed in a visibly detectable frequency). 

Baker fails to teach explicitly a means for receiving input at said data processing system to 
increment or decrement said particular character to reach a password character of a password. 

However, Hoover teaches a means for receiving input at said data processing system to 
increment or decrement said particular character to reach a password character of a password (see Fig. 1 
& 2; and for example, col. 2, line 36-63). 

[The same reason to combine the two arts and same motivation to incorporate the arts applied to . 
Claim 1 above are applied to this claim] v 

As per Claim 19, Baker teaches, 

A computer program product for secure password entry, residing on a computer readable 
medium comprising instructions which when executed on a computer system cause the computer system 
to (see Fig. 1-6; and abstract): display a password prompt comprising a changing stream of random 
characters (see 8 in Fig.2 & 3; where a stream of random characters is displayed), wherein a particular 
character within said changing stream of random characters is displayed at a visibly detectable higher 
frequency (see Steps 22 & 23 in Fig. 4; where array of alpha-numeric characters are displayed in a visibly 
detectable frequency). 

Baker fails to teach explicitly receive input to increment or decrement said particular character to 
reach a password character of a password. 

However, Hoover teaches receiving input to increment or decrement said particular character to . 
reach a password character of a password (see Fig. 1 & 2; and for example, col. 2, line 36-63). 

[The same reason to combine the two arts and same motivation to incorporate the arts applied to 
Claim 1 above are applied to this claim] 



Application/Control Number: Page 5 

10/849,610 

Art Unit: 2139 

As per Claims 2-3, 11-12 and 20-21, Baker teaches, 

displaying a plurality of character positions, wherein a stream of random characters is displayed 
in each of said plurality of character positions (see F/g.2-3; where plurality of character positions of 
positions are displayed', and for example, col.2 f line 57 to col. 3, line 12), wherein a particular position from 
among said plurality of character positions provides said password prompt (see Step 24 ofFig.4; where 
user selects a particular position; and for example, col.3, lines 12-44); and adjusting a number of said 
plurality of character positions (see Step 23; where the N and/or M in ROW/COLUMN can be adjusted] 
and for example, col.3, line 57 to col.4, line 28). 

As per Claim 5, 14 and 23, Baker teaches, 

responsive to receiving input of a character selection input indicating that said particular 
character, selecting said particular character as said password character from among a plurality of 
separately selectable password characters of said password (see Step 24; where user selects a 
password character from the matrix array)] and 

responsive to receiving input of a password completion character indicating that said password is 
complete, securely passing each separately selected password character of said password to a 
requesting software layer (see Steps 27-31; where last element of the password is entered and access is 
either permitted or denied) . 

As per Claims 6-7 and 15-16, Baker teaches, 

responsive to receiving a request for a password from a software layer within a data processing 
system, invoking a password entry controller (see MICROPROCESSOR CONTROLLER or PASSWORD 
ALGORITHM in Fig. 1, 5 and 6) from within said data processing system, wherein said password entry 
controller controls said displaying said password prompt (see for example, col.2, line 44 to col. 3, line 8; 
and col.4, lines 30-56); and 

responsive to receiving, at a client system (see REMOTE TERMINAL in F/g.5), a request for a 
password entry from a server system (see MAIN COMPUTER 45 in F/g.5) from which said client system 
is attempting to access a resource, invoking a password entry controller from within said data processing 
system, wherein said password entry controller controls said displaying said password prompt (see for 
example, col.4, lines 30-44). 
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Baker fails to teach said receiving input to increment or decrement said particular character. 
However, Hoover teaches a receiving input to increment or decrement said particular character (see Fig. 1 
& 2; and for example, col. 2, line 36-63). 

[The same reason to combine the two arts and same motivation to incorporate the arts applied to 
Claim 1 above are applied to this claim] 

As per Claims 8-9, 17-18 and 24-25, Baker teaches, 

generating and displaying said stream of random characters, wherein said particular character is 
randomly selected (see abstract and Fig. 2-3 and Step 23; where array of random characters are 
displayed] and for example, col.1, line 55 to col. 2, line 10). 

Baker fails to teach explicitly adjusting a frequency percentage at which said particular character 
is displayed. However, Baker teaches displaying randomized alpha-numeric matrix array of characters at 
constant frequency (see abstract and Fig. 2-3 and Step 23). 

It would have been of obvious to a person having ordinary skill in the art at the time of Applicant's 
invention to modify the system of Baker to display characters in an adjusted frequency percentage in 
order to enhance the password entry display unit, which would further discourage and confuse an 
attacker while eavesdropping. 



Conclusion 

8. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
(See PTO-892). 



Application/Control Number: 

10/849,610 

Art Unit: 2139 



Page 7 



Any inquiry concerning this communication or earlier communications from the examiner should 
be directed to Amare Tabor whose telephone number is (571) 270-3155. The examiner can normally be 
reached on Mon-Fri 7:30a.m. to 5:00p.m., EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Ayaz 
Sheikh can be reached on (571) 272-3795. The fax phone number for the organization where this 
application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative 
or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272- 
1000. 



Amare Tabor 
AU2139 
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